computerprojectsdufffandomcom-20200215-history
All About Spoofing
What is Spoofing? Computer Spoofing is a technique used by hackers and threats that allows them to gain unauthorized access to the target's computer. Messages and data packets that come from the spoofer disguise their IP Address to trick the victim's computer into thinking it is from a trusted source. As a result, many private files and information are stolen and used harmfully. How Do You Become A Target? Spoofers have two ways to successfully spoof and essentially hack into the victim's computer: MITM (Man in the Middle attack) is when a hacker alters the connection between two users who believe they are communicating in a private conversation only with each other. The spoofer is disguised as a useless connection between the two parties and carefully listens in for useful information. In addition, he/she can send the other user messages which appear to be from the other party and can also control what messages are sent to the original recipient. CSRF (Cross Site Request Forgery) is when the victim enters a malicious website (Email, Blog, etc.) which causes the unauthorized commands to automatically execute depending on the target's actions. The spoofer disguises itself as a user that the website trusts, allowing messages to be sent to the victim when an action is executed by the target. This act falls into the category of Phishing which has a hacker send the user a fake website disguising as the official website, asking for the victim to enter in his/her credentials and security information, leading to a successful hack in a person's bank account, email, etc. The difference between CSRF and MITM is that CSRF exploits the identity of the victim which essentially tricks the user's browser to send false packets to the target. On the other hand, MITIM tricks two parties in hiding itself in a "private" connection between the two parties, allowing for dangerous information to be given out to the hacker. Types of Spoofing Spoofing attacks are categorized into three different attacks: IP Address Spoofing Attack is the most used and common attack out of the three methods. To summarize, it is when a hacker disguises his/her ip address from a fake source to one that is trusted in the network. An example of this is DDOSing (Denial of Service attack) which is when networks are overloaded with empty packets that appear to be from a trusted IP Address when in fact, a spoofer is at work and disguising itself. DDOSing the target will have their network flooded with more packets that it can handle resulting in a damaged or shutdown network. ARP Spoofing Attack (Address Resolution Protocol) is a protocol mainly to check IP Addresses that link to MAC (Media Action Control). To summarize, the spoofer will send fake ARP messages through a LAN to link itself to the victim's IP Address. As a result, the data being sent to the victim's IP Address is instead sent to the hacker instead. Personal information, disruption of networks, passwords, etc could be stolen through this act. DNS Server Attack (Domain Name System) is when a hacker reroutes a domain name to a different IP Address usually under control of an hacker that is filled with viruses and malware. DNS is used on computer's to resolve website links, email and such on to the IP address of the user for a successful connection. By rerouting the DNS, the new IP Address can then send dangerous files to the user without him/her knowing. How to Prevent Spoofing There are 3 different ways to prevent spoofers from successfully spoofing your computer: Packet Filtering: Packet filters scan every packet sent to your IP Address and verify the sources addresses. It will know to block and prevent all packets that are sent from an address that is found inside the network, knowing it is disguised, It is most effective against IP Address Spoofing Attacks. Spoofing Detection Software: There are many programs out right now that verify all data and packets sent from an outside source to a computers network. It will block all packets that appear to be spoofed. It is most effective against ARP Spoofing Attacks. Cryptographic Network Protocols: Transporting Layer Security (TLS), HTTPS (HTTP Secure) and SSH (Secure Shell) can be used as communication protocols to encrypt all data before being sent and verification when receiving. Final Rating Spoofing is fairly easy to do if you are skilled in manipulating people. It is hard finding the right/gullible victim but once that is done, the act of spoofing is very easy. It is beneficial to obviously the hacker but companies can spoof themselves to test how great of a security system they have on the company to prevent future threats. Rating: 7 Quiz on Spoofing Question 1: What is Spoofing? a) Spoofing is a technique used by hackers to gain unauthorized access to a computer b) Spoofing is a technique used by hackers to steal someone's identity through the use of a computer c) Spoofing is a technique used by hackers to listen in on private conversations and steal private information d) Spoofing is a technique used by hackers to control the targets computer and steal personal information Answer: a) Question 2: Through which way(s) can a hacker successfully spoof a victim's computer? a) Man in the Middle Attack b) IP Site Request Attack c) Cross Site Request Forgery d) a) and b) e) a) and c) f) All of the above (a,b,c) Answer: e) Question 3: What of types of spoofing do hackers use? a) DNS Address Attack b) ARP Server Attack c) DNS Server Attack d) IP Address Spoofing Attack e) ARP Spoofing Attack f) d) and e) g) a), c), e) h) c), d), e) Answer: h) Question 4: What can you do to prevent spoofing? a) Packet Filtering b) Packet Detection Software c) Cryptographic Spoofing Protocols d) Spoofing Detection Software e) Cryptographic Network Protocols f) b) and d) g) b) and e) h) a), b), d) i) a), d), e) Answer: i) Question 5: Spoofing is only beneficial towards hackers and threats. a) True b) False (Explain why if False) Question 6: Packet Filtering is most effective against ARP Spoofing Attacks a) True b) False (Correct Sentence) Question 7: Spoofing Detection Software is most effective against IP Address Spoofing Attacks a) True b) False (Correct Sentence) Question 8: Phishing is a form of CSRF a) True b) False (Correct Sentence) Question 9: DDOSing is a form of an IP Address Spoofing Attack a) True b) False (Correct Sentence) Question 10: What would you rate Spoofing in terms of its level of easiness? Why? Write in space provided References "Spoofing." Definition. Web. 6 Mar. 2015. . "IP Spoofing." What Is ? Webopedia. Web. 6 Mar. 2015. . "Spoofing Attack: IP, DNS & ARP." Veracode. Web. 6 Mar. 2015. .